The TLS mutual authentication technique in enterprise environments ensures the authenticity of clients to the server. If incoming client certificates are enabled only an authenticated client with valid certificates can access the app.
Mutual TLS is not being used
Enable incoming certificates for clients
The following example will fail the azure-appservice-require-client-cert check.
The following example will pass the azure-appservice-require-client-cert check.